Software Delpoyment using GPO

Here is what I have done so far.

.Created an OU called it test.
.Created a user, called him test.
.Put the user test in the Test OU.
. Created a folder & shared the folder with everyone full access (just to be on the safe side).
.Download .MSI file for a program called 7-Zip.
.Put the file into the folder that I created and shared.
.Crated a new GOP, called it deployed 7zip, edit the GPO ( see attached snap shoot )
. GPO Settings. On client workstation did a gpupdate /force
.The gpupdate says it was competed successfully & User policy update has completed successfully. What it dose not do is ask me to reboot for the GPO to take affect.

Needless to say I reboot and the GPO doe not install the 7-zip.msi file.


What I'm I missing?
checked, re-checked and checked again and still no joy.
Can anyone tell me what I'm doing wrong? From what I have read and seem it should not be difficult to get this running.

Thank you all
LVL 1
noadAsked:
Who is Participating?
 
Joseph MoodyBlogger and wearer of all hats.Commented:
If you go to C:\Users\Administrator, you can open the file named Report.htm
0
 
mprssjprCommented:
In the GPO editor, right-click the '7-Zip GPO Software' policy, and link it to the domain.
0
 
lamaslanyCommented:
Unless I am mistaken the GPO needs to be applied to the OU the Computer is in rather than the OU the User is in...
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
joenswCommented:
HI
Please try to Set the Group Policy setting under Computer Configuration -> Administrative Templates -> System ->  Logon -> Always wait for the network at computer startup and logon to Enabled.
0
 
noadAuthor Commented:
mprssjpr

Why the domain GPO, I want it to go to a specific OU. I don't want it to apply to everyone.

can you explain?

Thanks
0
 
noadAuthor Commented:
lamaslany

I have applied both the computer and user to the test OU.
see the snap shoot. maybe I did it wrong? Can you take a look and verify for me?

Thanks
0
 
mprssjprCommented:
Noad - yes, I know it seems illogical, but that's how it works. When you right click it, and choose 'Link Enabled' and 'Enforced', you will see in the main pane that another item appears, with the name of the domain.

You will see in that columns of the main pane that the object is NOT enforced for the domain, only for the OU. If you don't link to the domain, the object is kind of...orphaned.
0
 
noadAuthor Commented:
joensw

do you mean to setup a GPO in the test OU and give it those settings?

If that is what you mean, I did it and still no joy, noting seems to be working!
I still can't see what I'm doing wrong...
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
Read this to help troubleshoot the GPO:

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_11009-10-Ways-to-Troubleshoot-Group-Policy.html

The picture shows the software on the computer side. If so, you must have that linked to an ou containing computers.

You also don't need to list the computers and authenticated users on the security scope. Authenticated Users is every authenticated object (computers and users).
0
 
noadAuthor Commented:
mprssjpr

ok, I understand what you are saying, not sure exactly how to do it...
Can you plz explain it to me in more details.
Sorry....
Not thinking stright
0
 
noadAuthor Commented:
jmoody10

So you are saying to include or move the computer into the test OU?
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
mprssjpr is wrong. The GPO can be linked to an OU specifically. It does not need to be enforced or link to the domain as well.
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
From your picture, you have the MSI loaded in Computer Config\Software Installation. Because of this, the GPO must apply to a computer. If you have the GPO linked to Test OU and the GPO applies to Authenticated Users, then a computer will need to be in the Test OU as well.

The user can be in any OU.

After moving the computer, restart once (because you moved the computer object). Restart once more (so that the GPO can be downloaded). Restart once more so that it can be applied.

You can also cut these restarts down by enabling "Always wait for the network at computer startup and logon". ComputerConfig\Admin Templates\System\Group Policy
0
 
lamaslanyCommented:
The Computer account needs to be in the Test OU.
0
 
noadAuthor Commented:
Guys
I understand what you are saying.
Sorry
My primary JOB is as a Paramedic on a Fire Dept.
I'm going on a call now, bit Willie PC to test OU and try it out ASAP

Thanks all
0
 
noadAuthor Commented:
jmoodly10

Ok
I tested what you explain and it did not work, here is what I did.
I added the computer to the test OU and removed the GPO link from the domain.
No joy, I added the GPO link back to the Domain and it worked.
I did this second test with a different computer.

While I more then agree with you that I should be able to set the GPO to different OU's, I must still be doing something wrong.

Any other ideas as to how I can correct it?

Thanks.
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
ok. Do this:

Link GPO back to Test OU only. On a client, run this command: gpresult /h Report.htm /f. Then right click on your GPO and select Save report.

Upload both files here.
0
 
noadAuthor Commented:
k
will do
0
 
noadAuthor Commented:
Jmoody10

I ran the command and got noting, I ran gpresult -r and got the following.
I do see where the GPO is added and as per your input I removed the GPO link form the Domain GPO. I even installed Flash this way and it worked....
Now I'm working on uninstalling the 7Zip file via the GPO and will try the same with other work stations on the network.

GPO  ( gpresult -r )
0
 
noadAuthor Commented:
Oh...
WOW, I'm way off today...

Regardless, you are correct. I was able to deploy to a win8 computer on the network that's on a different OU.
I will look into getting the report..

Thanks for all of your help.
0
 
noadAuthor Commented:
Simple instruction to follow.
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
Not a problem!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.